ChanServ changed the topic of #kisslinux to: Unnofficial KISS Linux community channel | https://kisscommunity.org | post logs or else | "Seek simplicity but distrust it" -- Alfred North Whitehead
adwu has joined #kisslinux
<adwu>
hey how am I exactly supposed to install kiss linux with cryptsetup? I know I will need to use tinyramfs but sadly I couldn’t find anything that documents that
<tleydxdy[m]>
I mostly just followed what I do on arch
<tleydxdy[m]>
and used dracut
<tleydxdy[m]>
wait no, I did handroll one eventually I think
<tleydxdy[m]>
lemme find it
<adwu>
I should encrypt the drive and then start compiling everything on the pseudo drive right?
<tleydxdy[m]>
well, you should install onto a encrypted drive, yes
<adwu>
ok and thats the thing, I am not really sure how to do that because first I need to add the community repo which has cryptsetup and then I need to build cryptsetup but then how am I supposed to encrypt the drive
<tleydxdy[m]>
I installed from an arch system, so I had everything I needed
<tleydxdy[m]>
lol
<adwu>
will cryptsetup handle that qhen I encrypt the drive?
<tleydxdy[m]>
anyway, there's the important parts of my initramfs https://bpa.st/WQVA
<tleydxdy[m]>
you just package it as the init and all the tools it uses and it's good
<tleydxdy[m]>
* it uses into the initramfs and it's
<tleydxdy[m]>
adwu: I didn't get it
<adwu>
wtf
<adwu>
weird anyway how can I package it as the init
<tleydxdy[m]>
you can read up on how to make a initramfs
<adwu>
tinyramfs has no documentation (at least in the github)
<adwu>
oh I get it, this is more minimal as well right?
<tleydxdy[m]>
yeah
<tleydxdy[m]>
initramfs is pretty simple
<tleydxdy[m]>
just whatever is needed to mount your root
<adwu>
I sometimes forget that gentoo wiki has everything
<adwu>
thanks man
<dilyn>
theoretically you can just write a shell script that does the commands you would normally do to unlock and mount your disk and embed that in the kernel :v
<tleydxdy[m]>
yep, what's what I'm doing
<tleydxdy[m]>
kernel efistub
<dilyn>
oh that's what the wiki page is about! nice
<dilyn>
incredible
<dilyn>
slackware had a guide floating around for writing a small initramfs in C haha
<tleydxdy[m]>
lol
<tleydxdy[m]>
at that point just don't use a initramfs XD
<dilyn>
:v
adwu has quit [Quit: Client closed]
<bujeddhazeus>
So, if I may ask... the old kisslinux repos are now active again
<bujeddhazeus>
Why still keep it split?
<bujeddhazeus>
I notice also that it's wayland vs x11
<bujeddhazeus>
I saw a bit on the web about Dylan'a disappearance and I don't mean to pry
<bujeddhazeus>
That's not really what I'm asking
<dilyn>
there isn't a split
<dilyn>
kiss-community is now just maintaining a community repository which keeps to a similar style as the official repository
<dilyn>
it only keeps things which don't require X, libressl, etc.
<bujeddhazeus>
Hmm ok
<bujeddhazeus>
So you dudes ended up reconnecting with Dylan a bit?
<testuser[m]>
Hi
<bujeddhazeus>
Hi
<dilyn>
I just learned how to use macros in vim and it's so powerful
<bujeddhazeus>
Ah I've not looked into those yet
<dilyn>
basically it's just q<some letter to map the macro to>
<dilyn>
do the shit you want
<dilyn>
press q again
<dilyn>
then whenever you hit \@<that same letter you recorded> the macro will execute
<dilyn>
and you can do n\@<that letter> to do it n times
<dilyn>
so I prepended text to every other line across a thousand lines in less than two seconds. was nice
<bujeddhazeus>
That's pretty cool
<noocsharp>
probably the most important feature that's missing in vi
<bujeddhazeus>
You mean original vi?
<bujeddhazeus>
Or busybox vi?
<dilyn>
unfortunately all my text manipulation work lead to a single, missing :. somewhere in over a thousand lines of text
<dilyn>
smdh
<bujeddhazeus>
Ouch.
<noocsharp>
i think any vi
<bujeddhazeus>
Ah
<dilyn>
just have to find the line that isn't green but it hurts my eyes lmao
<bujeddhazeus>
Is there anything you can query for that comes to mind?
<noocsharp>
wdym query for?
<bujeddhazeus>
In vim
<bujeddhazeus>
Press /
<bujeddhazeus>
Then type text to search
<noocsharp>
oh, you were responding to dilyn
<bujeddhazeus>
query/search, whichever :)
<bujeddhazeus>
yeah
<dilyn>
no :\
<bujeddhazeus>
Hrm
<dilyn>
every other line ends in :, every other other line doesn't. lol
<bujeddhazeus>
Search for three consecutive lines not ending with :.
<dilyn>
that was certainly an option
<dilyn>
I opted for nuking the section and redoing the work
<dilyn>
with a macro, took five seconds
<dilyn>
incredible
<noocsharp>
took 5 seconds to execute the macro?
<noocsharp>
or to set it up and then execute it?
<dilyn>
took four seconds to record the macro
<bujeddhazeus>
Heh coffee?
<noocsharp>
was gonna say, 5 seconds is suspiciously slow...
<dilyn>
it's late and I'm prepping for a presentation the morning and I need to collect this data >=| should've made coffee...
<bujeddhazeus>
:>
<noocsharp>
powerpoint?
<dilyn>
security related stuff
<bujeddhazeus>
Nooooo
<bujeddhazeus>
That doesn't exist anymore
<bujeddhazeus>
Neither PowerPoint nor security xD
<dilyn>
there are some scripts that probe some information I have to make use of, but it's hard to get the scripts to run because of how locked down the system is (RO filesystem); that fact alone isn't evidence enough that the system is secure, soooo here I am /shrug
<bujeddhazeus>
O
<bujeddhazeus>
What, squashfs / ?
<dilyn>
mmhmm
<bujeddhazeus>
Neat
<bujeddhazeus>
Is tmpfs + overlayfs permitted?
<dilyn>
so I have to add the contents of these files to a writeable space, and then bind-mount that writeable space over the read only section
<dilyn>
in this case yes
<bujeddhazeus>
Like, you can tmpfs, mount bind to lowerdir, mount overlayfs, chroot and run script
<dilyn>
yeah but I need to show it's feasible given the constraints of the system (snaps)
<bujeddhazeus>
snap eh
<dilyn>
yeah. in some ways (like this case), they're a prime example of choosing security so much it's inconvenient
<bujeddhazeus>
Heh
<dilyn>
i'm trying to prove it's secure and the only way to do that is abuse holes in security I made xD
<bujeddhazeus>
Well
<noocsharp>
what does "proving it's secure" entail?
<dilyn>
showing that it checks a "large-enough" number of boxes under a CIS Benchmark audit
<noocsharp>
ah, so basically as rigorous as a mathematical proof
<dilyn>
noocsharp: less rigorous than maths but in a sense
<noocsharp>
i was joking
<dilyn>
lmao
<dilyn>
CIS Benchmarks are literally just a PDF. for ubuntu, it's over 500 pages
<dilyn>
fucking absurd
<dilyn>
100% CIS is basically an airgapped box that no user can access because no users exist
<bujeddhazeus>
Heh
<noocsharp>
did you check that the software you're using to read the pdf doesn't have any vulnerabilities
<bujeddhazeus>
It's also a snap
<bujeddhazeus>
Perhaps
<dilyn>
xD
<dilyn>
my eyes are quite vulnerable so I'm using some *professional tools* (read: bash scripts) to do the testing
<noocsharp>
should port them to sh
<dilyn>
in this case... probably wouldn't be too hard
<bujeddhazeus>
Heh
<bujeddhazeus>
`export -f` is bad mkay?
<dilyn>
`OpenSCAP Error: subtype 2 not supported` grrr
acheam has quit [Ping timeout: 256 seconds]
acheam has joined #kisslinux
mahmutov has quit [Ping timeout: 268 seconds]
Natris1979 has joined #kisslinux
jleightcap has quit [Ping timeout: 256 seconds]
jleightcap has joined #kisslinux
<Natris1979>
building go projects is surprisingly difficult when you don't write go everyday :-/
<tleydxdy[m]>
or don't have internet
<Natris1979>
ah, aur is my friend
<Natris1979>
tleydxdy[m]: yeah, I can imagine. Everything seems to try to hit the internet
<Natris1979>
actually seems quite tricky to make it install this thing and not download anything other than what's in `sources`
<Natris1979>
huh, looks like most people who distribute any go packages of any complexity on kiss just distribute binaries.
<testuser[m]>
I don't think it's possible to drop the network requirement easily
<testuser[m]>
U need to vendor everything imto a folder
<testuser[m]>
Then make go use that
<testuser[m]>
But "modern" projects pull in tons of shit
<testuser[m]>
Like 50-100 deps
<testuser[m]>
Check the dnscrypt-proxy package, it's dependences come bundled in the Tarball only
<Natris1979>
yeah.. I was going to pull in this colour version of `cat` called ccat. And it pulls in like 6 dependencies for a thing that's just some simple syntax highlighting. So now I'm thinking about just going with an old gnu program called source-highlight that does the same thing that was written in C (C++?)
<Natris1979>
so much simpler
<testuser[m]>
I just pipe stuff into my text editor
<testuser[m]>
does the same thing
<testuser[m]>
And will have searching capabilities too
<Natris1979>
oh that's smart
<Natris1979>
ls
<Natris1979>
cd /var/db/kiss/community/community/
<Natris1979>
grr. gotta stop doing that
<Natris1979>
lol, my irc client even tab completed that for me for some reason
<bujeddhazeus>
Yep :>
<bujeddhazeus>
irssi does that
<Natris1979>
I guess that could be useful if I was asking about a path or something
<bujeddhazeus>
Yep. Dangerous too
<bujeddhazeus>
Never irc in your work vm
<Natris1979>
true enough. Don't think I ever have, but now I'll be careful not to start
<bujeddhazeus>
Actually, nowadays I don't even directly use linux for irc...
<Natris1979>
do you just use a web browser or something?
<bujeddhazeus>
Phone
<bujeddhazeus>
Hence the capital letters
<Natris1979>
ah interesting. Never even thought about using it on my phone
<bujeddhazeus>
Well actually I'm bridged onto libera via matrix
<Natris1979>
And here I thought you were just a stickler for grammar
<bujeddhazeus>
Haha
<bujeddhazeus>
Both
<Natris1979>
I can respect that.
<bujeddhazeus>
Although, forget capitals on irc when typing
cem has quit [*.net *.split]
stilbruch has quit [*.net *.split]
noocsharp has quit [*.net *.split]
cem has joined #kisslinux
<bujeddhazeus>
Too much of a waste of time
<Natris1979>
I tend to too. But only the first letter of a line for some reason. Not sure how I picked up that habit
stilbruch has joined #kisslinux
<bujeddhazeus>
Heh
<bujeddhazeus>
Probably best to practice for if ever I feel like it would be worth writing a novel or whatever
<Natris1979>
I'm betting you could write a regex to fix that right up. Don't worry too much
<bujeddhazeus>
True
<bujeddhazeus>
After all, it would be written in vim
vulpine has quit [*.net *.split]
aosync has quit [*.net *.split]
ziofork has quit [*.net *.split]
aosync has joined #kisslinux
ziofork has joined #kisslinux
<Natris1979>
Or if, one day, you feel really brave: vis.
vulpine has joined #kisslinux
<testuser[m]>
busybox vi if you're braver
<testuser[m]>
Has anyone used it ? It doesn't even redraw properly
<Natris1979>
I've been using that for a few days as I play with kiss. Close to biting the bullet for vim though
<Natris1979>
been fine for me, but it's only been quick edits
<bujeddhazeus>
Heh plan9 eh. Is haiku shipping with vis?
<bujeddhazeus>
testuser: I do
<bujeddhazeus>
Sometimes
<Natris1979>
I haven't actually used vis. I've only read about it. But it seems interesting
<bujeddhazeus>
Heh
<Natris1979>
used to be an Emacs guy
<bujeddhazeus>
Oh wait. Haiku is based on BE os
<Natris1979>
yeah, vis I think is for your modern standard os's. But it's a combination of vim and sam from plan9
<Natris1979>
*OSes
<bujeddhazeus>
Ah I see
Natris1979 has quit [Ping timeout: 256 seconds]
acheam has quit [Ping timeout: 256 seconds]
acheam has joined #kisslinux
smartin has joined #kisslinux
Guest3775 has joined #kisslinux
Guest3775 has quit [Quit: Client closed]
<soliwilos>
I've been using vis for a while, instead of vim. It's nice.
n3o has joined #kisslinux
n3o has quit [Remote host closed the connection]
acheam has quit [Ping timeout: 256 seconds]
acheam has joined #kisslinux
illiliti has joined #kisslinux
<cem>
testuser[m]: busybox vi isn't that bad tbh
<cem>
But then again, I don't mainly use vi
<cem>
I prefer neatvi out of all the vi implementations I've used, and neatvi's biggest problem is that it never redraws automatically
<cem>
You have to do it manually when you spawn a new window in a tiling wm or something like that
<testuser[m]>
couldn't that be fixed trivially
<cem>
Probably, but since I use it for very trivial purposes, I don't mind it that much
<cem>
Pressing Ctrl+L every once in a while is easier than editing its source code
<cem>
Also, I don't think neatvi has a window event loop that catches things like resizes
<testuser[m]>
how else would it poll input then, without loop
<testuser[m]>
kyx0r's fork seems to have it , atleast
<cem>
I think it loops for input rather than window events
<cem>
I'll check kyx0r's fork
<testuser[m]>
yeah i mean that only
<testuser[m]>
it could have a signal handler that just sets a variable
<testuser[m]>
and the loop checks that
<cem>
why a build.sh instead of Makefile
* cem
shakes head
<cem>
yeah, it doesn't have the same issue with upstream
<cem>
neat!
<cem>
Ah, it seems upstream also fixed this issue
<cem>
It's just not released yet
noocsharp has joined #kisslinux
acheam has quit [Remote host closed the connection]
illiliti has quit [Read error: Connection reset by peer]
mahmutov has joined #kisslinux
Guest86 has joined #kisslinux
Guest86 has quit [Quit: Client closed]
natris1979[m] has joined #kisslinux
barpthewire has quit [Remote host closed the connection]
acheam has joined #kisslinux
<acheam>
yay with git 2.34, commits can now be signed with OpenSSH!
<acheam>
always happy to see less dependence on GNU
barpthewire has joined #kisslinux
barpthewire has quit [Remote host closed the connection]
barpthewire has joined #kisslinux
barpthewire has quit [Remote host closed the connection]
barpthewire has joined #kisslinux
<noocsharp>
signify when
<phoebos>
cem: the build.sh was to keep to POSIX while getting the #defines right across *nixes
<phoebos>
personally i'd have used an #ifdef BSD in the code but idk
smartin has quit [Quit: smartin]
acheam has quit [Remote host closed the connection]